Aggregating Online Activities

ABSTRACT

The disclosure includes a system and method for automatically authorizing data transfer from a third party service to a user device. The system includes a processor and a memory storing instructions that, when executed, cause the system to: receive a request for data from a user of a user device; receive information associated with the user and information associated with the user device; determine whether the user has previously provided authorization for a particular application available on the third party site; determine whether the user has previously provided authorization for the user device; and if the user has previously provided authorization for a particular application available on the third party site or has previously provided authorization for the user device, send data to the user device.

CROSS REFERENCE

The present application claims priority from U.S. Provisional PatentApplication Ser. No. 61/663,485, entitled “Aggregating OnlineActivities” filed on Jun. 22, 2012, which is incorporated herein byreference.

BACKGROUND

The specification relates to automatically authorizing data transferfrom a second server to a user device.

Over the last decade, social networking has become increasingly popular.A user may share online activities with other users including friends,family members, etc., via a social feed posted on a social network. Auser may also interact with a variety of different third party websites.For example, the user may read an article on a third party website andpost a comment about the article on the third party website. It may behighly desirable to incorporate the user interactions with differentthird party websites into the user's social feed on the social networkso that a richer and more complete social feed including activitiesperformed on the social network and/or third party websites may bepresented to the user or the user's friends, family members or otheracquaintances.

SUMMARY

According to one innovative aspect of the subject matter described inthis disclosure, a system for automatically authorizing data transferfrom a third party server to a user device includes: a processor and amemory storing instructions that, when executed, cause the system to:receive a request for data from a user of a user device; receiveinformation associated with the user and information associated with theuser device; determine whether the user has previously providedauthorization for a particular application available on the third partysite; determine whether the user has previously provided authorizationfor the user device; and if the user has previously providedauthorization for a particular application available on the third partysite or has previously provided authorization for the user device, senddata to the user device.

In general, another innovative aspect of the subject matter described inthis disclosure may be embodied in methods that include: receiving arequest for data from a user of a user device; receiving informationassociated with the user and information associated with the userdevice; determining whether the user has previously providedauthorization for a particular application available on the third partysite; determining whether the user has previously provided authorizationfor the user device; and if the user has previously providedauthorization for a particular application available on the third partysite or has previously provided authorization for the user device,sending data to the user device.

According to one innovative aspect of the subject matter described inthis disclosure, a system for automatically authorizing data transferfrom a third party server to a user device includes: a processor and amemory storing instructions that, when executed, cause the system to:receive, at a first service from a second service, a request forapproval of data transmission; receive, at the first service, userinformation and information associated with a first device; determinewhether a user has previously granted access to the second service tothe first service using the first device; determine whether a seconddevice was previously granted access to the first service; and if theuser has previously granted access to the second service to the firstservice using the first device and the second device was previouslygranted access to the first service, send approval to transmit data bythe second service to the second device.

In general, another innovative aspect of the subject matter described inthis disclosure may be embodied in methods that include: receiving, at afirst service from a second service, a request for approval of datatransmission; receiving, at the first service, user information andinformation associated with a first device; determining whether a userhas previously granted access to the second service to the first serviceusing the first device; determining whether a second device waspreviously granted access to the first service; and if the user haspreviously granted access to the second service to the first serviceusing the first device and the second device was previously grantedaccess to the first service, sending approval to transmit data by thesecond service to the second device.

According to another innovative aspect of the subject matter describedin this disclosure, a system generating interactive posts includes: aprocessor and a memory storing instructions that, when executed, causethe system to: receive content for publishing, including a plurality ofdata items from a user device; receive data associated with theplurality of data items from a second server; generate a post includinga representation of each of the plurality of data items; receive aselection of at least one of the plurality of data items; and generatean action corresponding to the selection.

In general, another innovative aspect of the subject matter described inthis disclosure may be embodied in methods that include: receivingcontent for publishing, including a plurality of data items from a userdevice; receiving data associated with the plurality of data items froma second server; generating a post including a representation of each ofthe plurality of data items; receiving a selection of at least one ofthe plurality of data items; and generating an action corresponding tothe selection.

According to one innovative aspect of the subject matter described inthis disclosure, a system for generating interactive posts includes: aprocessor and a memory storing instructions that, when executed, causethe system to: receive, at a first service, content for publishing froma user device, the content including a plurality of data items; receive,at the first service, data associated with the plurality of data itemsfrom a second service, the second service having received userauthorization to interact with the first service; generate, by the firstservice, a post including a representation of the plurality of dataitems; receive, at the first service, a selection of at least one of theplurality of data items; and generate an action directed to the secondservice corresponding to the selection.

In general, another innovative aspect of the subject matter described inthis disclosure may be embodied in methods that include: receiving, at afirst service, content for publishing from a user device, the contentincluding a plurality of data items; receiving, at the first service,data associated with the plurality of data items from a second service,the second service having received user authorization to interact withthe first service; generating, by the first service, a post including arepresentation of the plurality of data items; receiving, at the firstservice, a selection of at least one of the plurality of data items; andgenerating an action directed to the second service corresponding to theselection.

According to another innovative aspect of the subject matter describedin this disclosure, a system for generating interactive posts includes:a processor and a memory storing instructions that, when executed, causethe system to: receive content for publishing including at least onedata item from a user device; receive data associated with the data itemfrom a second server; generate a post including a dynamic representationof the one data item; receive a update associated with the one dataitem; and generate an updated post including an update to the dynamicrepresentation of the one data item.

In general, another innovative aspect of the subject matter described inthis disclosure may be embodied in methods that include: receivingcontent for publishing including at least one data item from a userdevice; receiving data associated with the data item from a secondserver; generating a post including a dynamic representation of the onedata item; receive a update associated with the one data item; andgenerating an updated post including an update to the dynamicrepresentation of the one data item.

According to one innovative aspect of the subject matter described inthis disclosure, a system for generating interactive posts includes: aprocessor and a memory storing instructions that, when executed, causethe system to: receive, at a first service, content for publishingincluding at least one data item; receive, at the first service, dataassociated with the data item from a second service, the second servicehaving authorization to interact with the first service; generate, bythe first service, a post including a dynamic representation of the dataitem; receive, at the first service, an update associated with the dataitem from the second service; and generate, by the first service, anupdated post including an update to the dynamic representation of thedata item based on the update associated with the at least one data itemfrom the second service.

In general, another innovative aspect of the subject matter described inthis disclosure may be embodied in methods that include: receiving, at afirst service, content for publishing including at least one data item;receiving, at the first service, data associated with the data item froma second service, the second service having authorization to interactwith the first service; generating, by the first service, a postincluding a dynamic representation of the data item; receiving, at thefirst service, an update associated with the data item from the secondservice; and generating, by the first service, an updated post includingan update to the dynamic representation of the data item based on theupdate associated with the data item from the second service.

According to another innovative aspect of the subject matter describedin this disclosure, a system for providing fine grain control of sharingof user information includes: a processor and a memory storinginstructions that, when executed, cause the system to: receiveindication that a user interacted with second server; receive inputidentifying the second server; determine whether second server isenrolled; determine an identity of the user; determine what informationthe user has permitted sharing with the second server; retrieve thepermitted user information; and provide permitted information to thesecond server.

In general, another innovative aspect of the subject matter described inthis disclosure may be embodied in methods that include: receivingindication that a user interacted with second server; receiving inputidentifying the second server; determining whether second server isenrolled; determining an identity of the user; determining whatinformation the user has permitted sharing with the second server;retrieving the permitted user information; and providing permittedinformation to the second server.

According to another innovative aspect of the subject matter describedin this disclosure, a system for providing fine grain control of sharingof user information includes: a processor and a memory storinginstructions that, when executed, cause the system to: receive, at afirst service, an indication that a user interacted with a secondservice; receive, at the first service, an input identifying the secondservice; determine, at the first service, whether second service isenrolled with the first service; determine, at the first service, anidentity of the user; determine that the user authorized a particularscope of sharing of data from the first service to the second service;determine, at the first service, what information the user has permittedsharing with the second service based on the particular scope ofsharing; retrieve the permitted user information from the first service;and providing permitted information to the second service

In general, another innovative aspect of the subject matter described inthis disclosure may be embodied in methods that include: receiving, at afirst service, an indication that a user interacted with a secondservice; receiving, at the first service, an input identifying thesecond service; determining, at the first service, whether secondservice is enrolled with the first service; determining, at the firstservice, an identity of the user; determining that the user authorized aparticular scope of sharing of data from the first service to the secondservice; determining, at the first service, what information the userhas permitted sharing with the second service based on the particularscope of sharing; retrieving the permitted user information from thefirst service; and providing permitted information to the secondservice.

According to another innovative aspect of the subject matter describedin this disclosure, a system annotating user activity informationincludes: a processor and a memory storing instructions that, whenexecuted, cause the system to: receive activity information associatedwith a user; receive data associated with the activity information froma second server; aggregate activity information; determine associatedinformation related to aggregated activity information; and sendassociated information for display.

In general, another innovative aspect of the subject matter described inthis disclosure may be embodied in methods that include: receivingactivity information associated with a user; receiving data associatedwith the activity information from a second server; aggregating activityinformation; determining associated information related to aggregatedactivity information; and sending associated information for display.

These and other implementations may each optionally include one or moreof the following features of: encrypting the user information andproviding encrypted permitted information to the second service.

According to another innovative aspect of the subject matter describedin this disclosure, a system annotating user activity informationincludes: a processor and a memory storing instructions that, whenexecuted, cause the system to: receive activity information associatedwith a user from a first service, the activity information includinginformation related to the user activity associated with a secondservice on the first service; receive data associated with the activityinformation from a second service; aggregate the activity informationfrom the first service and the data from the second service at the firstservice; determine, at the first service, associated information relatedto aggregated activity information; and send the associated informationand at least a portion of the aggregated activity information and datafrom second service to the second service for display.

In general, another innovative aspect of the subject matter described inthis disclosure may be embodied in methods that include: receivingactivity information associated with a user from a first service, theactivity information including information related to the user activityassociated with a second service on the first service; receiving dataassociated with the activity information from a second service;aggregating the activity information from the first service and the datafrom the second service at the first service; determining, at the firstservice, associated information related to aggregated activityinformation; and sending the associated information and at least aportion of the aggregated activity information and data from secondservice to the second service for display.

These and other implementations may each optionally include one or moreof the following features of: sending the associated information fordisplay including sending the information to the third party service andsending the associated information for display including sending theinformation to a first service.

Other aspects include corresponding methods, systems, apparatus, andcomputer program products for these and other innovative aspects.

The present disclosure may be particularly advantageous in a number ofrespects. The system may allows a second server to automaticallytransfer data to a user device without needing the user to enter usercredentials more than one time for an associated application or anassociated device.

BRIEF DESCRIPTION OF THE DRAWINGS

The disclosure is illustrated by way of example, and not by way oflimitation in the figures of the accompanying drawings in which likereference numerals are used to refer to similar elements.

FIG. 1 is a block diagram illustrating an example system for providingthird party modifications to a user history.

FIG. 2 is a block diagram illustrating an example of a connectionapplication.

FIG. 3 is a block diagram illustrating an example of an enrollmentapplication.

FIG. 4 is a block diagram illustrating an example of a sharingapplication.

FIG. 5 is a flowchart of an example method for providing third partymodifications to a user history.

FIGS. 6A-6C are flowcharts of another example method for providing thirdparty modifications to a user history.

FIGS. 7A-7B are flowcharts of an example method for sharing userinformation with a second server.

FIG. 8A is a flowchart of an example method for automaticallyauthorizing data transfer from a second server to a user device.

FIG. 8B is a flowchart of another example method for automaticallyauthorizing data transfer from a second server to a user device.

FIG. 9A is a flowchart of an example method for generating interactiveuser posts.

FIG. 9B is a flowchart of another example method for generatinginteractive user posts.

FIG. 10 is a flowchart of an example method for generating user activityinformation.

FIG. 11 is a graphic representation of an example user interface of asocial network portal displaying activity summaries for a user.

FIG. 12 is a graphic representation of another example user interface ofa social network portal displaying activity summaries for a user.

FIG. 13 is a graphic representation of an example user interface of asocial network portal displaying an interactive post of a user.

DETAILED DESCRIPTION

FIG. 1 illustrates a block diagram of some implementations of a system100 for providing third party modifications to a user history. Theillustrated system 100 includes user devices 115 a . . . 115 n (alsoreferred to herein individually and collectively as 115) that areaccessed by users 125 a . . . 125 n (also referred to hereinindividually and collectively as 125), a first server 101, a data server109 and a second server 107. In the illustrated implementation, theseentities of the system 100 are communicatively coupled via a network105.

The user devices 115 a, 115 n in FIG. 1 are used by way of example.While FIG. 1 illustrates two user devices 115 a and 115 n, the presentdisclosure applies to a system architecture having one or more userdevices 115. Furthermore, although FIG. 1 illustrates one network 105coupled to the user devices 115, the first server 101, the second server107 and the data server 109, in practice one or more networks 105 can beconnected to these entities. For example, in one implementation, thesystem 100 may include a first service, for example, a social networkservice, hosted on the first server 101. The system 100 may also includea second service, for example another service hosted on the secondserver (for example, the second server may be a third party server).Furthermore, while FIG. 1 includes one first server 101, one secondserver 107 and one data server 109, the architecture 100 could includeone or more first servers 101, one or more second servers 107 and one ormore data servers 109.

The network 105 can be a conventional type, wired or wireless, and mayhave numerous different configurations including a star configuration,token ring configuration or other configurations. Furthermore, thenetwork 105 may include a local area network (LAN), a wide area network(WAN) (e.g., the Internet), and/or other interconnected data pathsacross which multiple devices may communicate. In some implementations,the network 105 may be a peer-to-peer network. The network 105 may alsobe coupled to or includes portions of a telecommunications network forsending data in a variety of different communication protocols. In someimplementations, the network 105 includes Bluetooth communicationnetworks or a cellular communications network for sending and receivingdata including via short messaging service (SMS), multimedia messagingservice (MMS), hypertext transfer protocol (HTTP), direct dataconnection, WAP, email, etc.

The first server 101 can be a hardware server that includes a processor,a memory and network communication capabilities. In the illustratedimplementation, the first server 101 is coupled to the network 105 viasignal line 104. The first server 101 sends and receives data to andfrom one or more of the user devices 115 a, 115 n, the second server 107and the data server 109 via the network 105. The first server 101includes a social network application 103. A social network can be atype of social structure where the users may be connected by a commonfeature. The common feature includes relationships/connections, e.g.,friendship, family, work, an interest, etc. The common features may beprovided by one or more social networking systems including explicitlydefined relationships and relationships implied by social connectionswith other online users, where the relationships form a social graph. Insome examples, the social graph can reflect a mapping of these users andhow they are related. Furthermore, it should be understood that thefirst server 101 and the social network application 103 arerepresentative of one social network and that there may be multiplesocial networks coupled to the network 105, each having its own server,application and social graph. For example, a first social network may bemore directed to business networking, a second may be more directed toor centered on academics, a third may be more directed to localbusiness, a fourth may be directed to dating and others may be ofgeneral interest or a specific focus. In some implementations, thesocial network includes a service that provides a social feed describingone or more activities of a user 125. For example, the social feedincludes one or more status updates for the user 125 describing theuser's actions, thoughts, opinions, etc. In some implementations thesocial network application 103 is stored and executed on one of thesecond server 107 and the data server. In some implementations, theservice provided by the social network application 103 is referred to asa “social network service.” Other implementations are possible. In someimplementations, the services and components of the second server 107,first server 101, and data server 109 can be provided by the same one ormore servers. Moreover, the separation of various components and serversin the implementations described herein should not be understood asrequiring such separation in all implementations, and it should beunderstood that the described components and servers can generally beintegrated together in a single component or server.

In some implementations, the social network application 103 determinessocial content to be provided to a user 125 based at least in part on auser history. For example, the social network application 103 cooperateswith the data server 109 to aggregate user activity into a user history.In some implementations, the user activity may include user interactionswith a third party site. In some implementations, the user activity mayoccur in a social network. The social network application 103 maycooperate with the data server 109 to publish the user activity in afirst user's 125 social feed to a social network service. Alternatively,the social network application 103 may cooperate with the data server109 to provide the user activity into a private history for a first user125. The social network application 103 then can determine which useractivity in the history should be posted in a social feed for a seconduser 125 based at least in part upon an explicit request from the seconduser 125 or a determination that the second user 125 implicitly requeststhe content. In some implementations, all or part of thesefunctionalities of social network application 103 may be alternativelyimplemented by the data server 109 which will be described below.

In some implementations, the first server 101 sends and receives data toand from one or more of the user devices 115 a, 115 n and generatessocial content associated with the user 125 of the user device 115 a. Insome implementations, the, the first server 101 sends and receives datato and from one or more of the user devices 115 a, 115 n and generatessocial content received from the user devices 115 a, 115 n. For example,the first server 101 cooperates with the user devices 115 a, 115 n toreceive data from the user device and generate posts by the user 125 tobe displayed on a social network portal. In some implementations, theposts include data associated with a second server 107 and alsocooperates with the second server 107 to update the content of the postaccordingly.

Many examples for determining social content to be provided to a user125 based at least in part on a user history may be possible. Forexample, a first user 125 posted a review for a camera on a third partysite or a social network. The social network application 103 cooperatedwith the data server 109 to aggregate the post into a history for thefirst user 125. For example, the social network application 103published the post in a social feed. A second user 125 ignored the postsince the second user 125 felt it was not relevant. However, after a fewmonths, the second user 125 decided to buy a camera. For example, thesecond user 125 had a conversation with a friend in the social networkmentioning this intent. Upon the second user's intent, the socialnetwork application 103 retrieves the post about the camera andpublishes the post in the second user's 125 social feed.

In some implementations, the first server 101 includes an optionalapplication programming interface (“API”) 199. The API 199 can includecode and routines for handling data communication among differententities. For example, the optional API 199 can be stored in the firstserver 101 includes code and routines for handling data communicationbetween the first server 101 and the data server 109. As anotherexample, the optional API 199 can be stored in the first server 101includes code and routines for handling data communication between thefirst server 101 and the second server 107. As another example, theoptional API 199 can be stored in the first server 101 includes code androutines for handling data communication between the first server 101and the user devices 115 a, 115 n. In the illustrated implementation,the API 199 is depicted using a dashed line to indicate that the API 199may be an optional feature for the first server 101.

The second server 107 can be a hardware server that includes aprocessor, a memory and network communication capabilities. In theillustrated implementation, the second server 107 is coupled to thenetwork 105 via signal line 106. The second server 107 sends andreceives data to and from other entities of the system 100 via thenetwork 105. The second server 107 includes a service module 193, aconnection application 190 and an optional API 199. The components ofthe second server 107 are communicatively coupled to each other.

The API 199 is described above and the descriptions for the API 199 willnot be repeated here. In some implementations, the optional API 199 canbe stored in the second server 107 includes code and routines forhandling data communication between the second server 107 and the dataserver 109. For example, the API 199 can include an interface allowingthe second server 107 to transmit data to the data server 109. Asanother example, the API 199 can include an interface allowing thesecond server 107 to transmit data to the first server 101. As anotherexample, the API 199 can include an interface allowing the second server107 to transmit data to the user devices 115 a, 115 n.

The service module 193 can be code and routines for providing a serviceto a user. For example, the service module 193 includes code androutines for providing a web page with an embedded video to a user 125and allowing the user 125 to interact with the web page and/or thevideo. Other examples of services provided by the service module 193include, but not limited to, providing a news feed, publishing anarticle, generating a playlist, publishing a video, posting a picture orother online services. In some implementations, a user 125 interactswith a service provided by the service module 193. The service module193 generates user activity data describing the user interaction withthe service. For example, a user 125 comments on a news articlepresented on a web page provided by the service module 193, causing theservice module 193 to generate user activity data describing that theuser 125 has commented on the news article. The service module 193 sendsthe user activity data to the connection application 190. In someimplementations, the service module 193 stores the user activity data ina second storage device 297 described below with respect to FIG. 2. Insome implementations, the service module 193 can be stored and executedon one of the first server 101 and the data server 109. The serviceprovided by the service module 193 can be referred to as a “firstservice.”

The connection application 190 can be code and routines for connectingthe second server 107 to the data server 109. In some implementations,the connection application 190 can be implemented using hardwareincluding a field-programmable gate array (“FPGA”) or anapplication-specific integrated circuit (“ASIC”). In some otherinstances, the connection application 190 can be implemented using acombination of hardware and software. In some implementations, theconnection application 190 may be stored in a combination of the devicesand servers, or in one of the devices or servers.

In some implementations, the connection application 190 aggregates useractivity data associated with a user 125 and shares the user activitydata with the data server 109 upon the consent of the user 125 and theservice providing the user activity data (e.g., through the secondserver 107). The user activity data can be data describing one or moreuser interactions with a service, e.g., provided by the second server107. For example, the user activity data includes data describing that auser 125 has viewed a video hosted by the second server 107. In someimplementations, a single interaction can also involve multiple actions.For example, a user could purchase a movie and watch it. In someimplementations, the connection application 190 controls the data sharedwith the data server 109 by specifying one or more types of userinteractions to be shared with the data server 109. For example, theconnection application 190 specifies to share a view type of userinteractions with the data server 109 and transmits user activity dataassociated with the view type to the data server 109. In one embodiment,an entity of the data server 109 (e.g., the enrollment application 195,the sharing application 188, the authorization application 196, or acombination of the enrollment application 195, the authorizationapplication 196, and the sharing application 188) provide an input tothe second server 107 specifying one or more types of user interactionsto be shared with the data server 109. The interactions could beannotated using time, location, weather, and people (eg. other peoplewho were present with the user). The connection application 190 will bedescribed below in more detail with reference to FIG. 2.

In some implementations, a type of user interactions may be categorizedby an action associated with the user interactions. For example, a typeof user interactions may be categorized by a verb describing an actionin a user interaction. Examples of an action associated with a userinteraction can include, but not limited to, “view” (e.g., viewing avideo on a site, viewing an online movie, etc.), “comment” (e.g.,commenting on a post, commenting on a picture, etc.), “listen” (e.g.,listening to a piece of music, listening to a radio station, etc.),“search” (e.g., searching for a product, searching for a news article,etc.), “read” (e.g., reading an article, reading a blog, etc.), “checkin” (e.g., checking in a restaurant, checking in a coffee shop, etc.)and “post” (e.g., posting a picture on a site), etc. Examples of a typeof user interactions may include, but not limited to, a view type, acomment type, a listen type, a search type, a read type, a check-in typeand a post type, etc. Other types of user interactions may be possible.In some implementations, the connection application 190 can be storedand executed on one of the first server 101 and the data server 109. Theservice provided by the connection application 190 can be referred toherein as the “connection service.”

In some implementations, the connection application 190 providesmetadata in addition to the user activity data to the data server 109.In some implementations, the metadata can include data describingadditional information in association with the verbs describing actionsin user interactions. For example, the metadata can include datadescribing an identity of a user 125 who performs the action, a date anda time of the action and a subject to which the user 125 performs theaction. The connection application 190 provides the metadata to the dataserver 109 upon the consent of the user 125 and the service providingthe metadata. In some implementations, the connection application 190provides metadata in association with certain types of verbs to the dataserver 109. For example, the connection application 190 specifies toshare metadata for a view type of user interactions with the data server109 and transmits the metadata in association with the view type actionsto the data server 109.

In some implementations, the connection application 190 generates andsends an indication to the data server 109 describing a user 125interacts with a widget on a third party site, allowing the data server109 to provide the user 125 an option to connect the user's 125 firstaccount (for example, an account for a first service) with a secondaccount (for example, an account for a second service). In someimplementations, a widget may be an embedded application providing aservice. The service may be a social network service. For example, auser 125 visits a third party site and clicks a widget, e.g., a “share”button, an acknowledgement indication button, etc. The connectionapplication 190 generates an indication describing the user 125 clicksthe widget and sends the indication to the data server 109. Uponreceiving the indication, the data server 109 controls the connectionapplication 190 to generate interface data for providing a userinterface that allows the user 125 to connect a foreign account to thelocal account of the user 125. For example, a foreign account may be asocial account of the user 125 registered with the social networkapplication 103. A local account may be an account of the user 125registered with the second server 107. In some implementations, the dataserver 109 generates the interface data and transmits the data to theconnection application 190 for displaying the user interface on the userdevice 115 of the user 125. In some implementations, if the user 125approves to connect the foreign account with the local account, theconnection application 190 connects the foreign account with the localaccount of the user 125 and sends data describing the accountsconnection for the user 125 to the data server 109 based at least inpart on requirements of the second server 107 and the data server 109.If the user 125 does not approve the connection, the connectionapplication 190 does not connect the foreign account with the localaccount of the user 125.

The data server 109 can be a hardware server that includes a processor,a memory and network communication capabilities. In the illustratedimplementation, the data server 109 is coupled to the network 105 viasignal line 112. The data server 109 sends and receives data to and fromother entities of the system 100 via the network 105. In someimplementations, the data server 109 includes an enrollment application195, a sharing application 188, an authorization application 196 and afirst storage device 197. The components of the data server 109 arecommunicatively coupled to each other.

The enrollment application 195 can be code and routines for enrolling asecond server 107, or a service provided by the second server 107 oranother server (e.g., social network server) with the data server 109and publishing user activity data for a user 125. The exampleimplementation described discusses enrolling and sharing data between asecond server 107 with the first server 101 through a data server 109.Other implementations are possible. In particular, in someimplementations, the user activity data is shared from a service withthe social network application 103. The service may be provided by athird party service, e.g., service 193 provided by the second server107; by the social network application 103; or another application orserver, e.g., provided by another server (not shown). For example, theenrollment application 195 cooperates with the connection application190 to register a second server 107 with the data server 109, whichallows the second server 107 to share user activity data with the dataserver 109 and alternatively receive user information from the dataserver 109. In some implementations, the enrollment application 195 canbe implemented using hardware including an FPGA or an ASIC. In someother instances, the enrollment application 195 can be implemented usinga combination of hardware and software. In some implementations, theenrollment application 195 may be stored in a combination of the devicesand servers, or in one of the devices or servers. In someimplementations, at least part of the functionality described herein forthe enrollment application 195 may be provided by the connectionapplication 190. In some implementations, the enrollment application 195is an entity of the first server 101.

In some implementations, the enrollment application 195 receives useractivity data associated with a user 125 from a second server 107enrolled with the data server 109. The enrollment application 195publishes the user activity data upon the authorization of the user 125.For example, the enrollment application 195 receives an authorizationsignal to publish the user activity data from the user 125 and publishesthe user activity data in response to receiving the authorizationsignal. In some implementations, the enrollment application 195 may notpublish the user activity data if the user 125 does not authorize thepublication of the user activity data.

In some implementations, the enrollment application 195 receives a userinput describing a selection of content to be published from the user125. The enrollment application 195 determines, based at least in parton the selection of content, a subset of user activity data to bepublished from the user activity data and publishes the subset of useractivity data upon the authorization of the user 125. In someimplementations, the subset of user activity data may include at leastpart of the user activity data. For example, if the selection of contentindicates to publish user activity data associated with a “comment”type, the enrollment application 195 determines a subset of useractivity data associated with the “comment” type and publishes thesubset of user activity data upon the authorization of the user 125.

In some implementations, the enrollment application 195 receives a userinput describing one or more social connections (e.g., friends, family,a public group, etc.) to publish the user activity data. The enrollmentapplication 195 publishes the user activity data (or, a subset of useractivity data) to the one or more social connections responsive toreceiving the user input. In some implementations, the enrollmentapplication 195 receives a user input indicating to publish the useractivity data (or, a subset of user activity data) privately. Theenrollment application 195 publishes the user activity data (or, thesubset of user activity data) to a private history of the user 125responsive to receiving the user input. A user history may include oneor more user interactions performed by a user 125. A private history ofa user 125 may be a user history published privately. For example, aprivate history of a user 125 includes a user history viewable to theuser 125 but not accessible by other users 125.

The enrollment application 195 is described below in more detail withreference to FIGS. 3, 5, 6A, 6B and 6C. In some implementations theenrollment application 195 can be stored and executed on one of thesecond server 107 and the first server 101. In some implementations, theservice provided by the enrollment application 195 is referred to as the“data management service.”

In the illustrated implementations, the data server 109 includes thesharing application 188. In some implementations, the sharingapplication 188 can be stored in the first server 101.

The sharing application 188 can include code and routines for sharinguser information between the first server 101 and the second server 107via the data server 109. In some implementations, the sharingapplication 188 transmits information about a user 125 who interactswith the service 193 to the second server 107 upon the consent of theuser 125 and upon the connection of the second server 107 to the dataserver 109 or the first server 101. For example, a user 125 visits athird party site and clicks a widget, e.g., a “share” button, anacknowledgement indication button, etc. The sharing application 188receives data describing the user activity from the second server 107.The sharing application 188 provides information about the user 125stored in the social graph to the second server 107 based at least inpart upon the user's 125 authorization.

In some implementations, the sharing application 188 determines whetherthe second server 107 has enrolled with the data server 109 or the firstserver 101. If the second server 107 has enrolled with the data server109 or the first server 101, the sharing application 188 provides userinformation to the enrolled second server 107. Otherwise, the sharingapplication 188 does not provide user information to the second server107. In some implementations, the sharing application 188 determineswhether the second server 107 has enrolled with the data server 109 orthe first server 101. If the second server 107 has enrolled with thedata server 109 or the first server 101, the sharing application 188provides selected user information to the enrolled second server 107.For example, the sharing application 188 determines which specificinformation the user has authorized to be shared with the second server107. For example, in some implementations, sharing application 188 candetermines to share a certain email address of the user or a certainlist of contacts of the user, rather than the user's entire contact listor all of the user's email addresses.

In some implementations, the sharing application 188 can include codeand routines for facilitating communication and data exchange betweenthe first server 101 and the second server 107 via the data server 109.The sharing application 188 will be described below in more detail withreference to FIGS. 4, 7A and 7B. In some implementations, the sharingapplication 188 can be stored and executed on one of the data server 109and the first server 101.

The authorization application 196 can include code and routines forrelaying user or user device authorization to the second server 107 viathe data server 109 without requiring the user to input authorizationcredentials. In some implementations, the authorization application 196can include code and routines for automatically authorizing datatransfer from a second server 107 to a user device 115. In someimplementations, the authorization application 196 can include code androutines for automatically authorizing data transfer from a user device115 to a second server 107.

In some implementations, the authorization application 196 determineswhether a user 125 or user device 115 has authorized the second server107 or service 193 of the second server 107 to allow transfer of data tothe user 125 or user device 115. If the user 125 or user device 115 asauthorized, the second server 107 or service 193 of the second server107 to allow transfer of data to the user 125 or user device 115 andsend the data to the user device 115. For example, the authorizationapplication 196 can receive an indication from a second server 107describing that a user 125 logs in a third party site and selects anapplication available on the third party site for installation on theuser's device 115. The authorization application 196 determines whethera user 125 has previously authorized the second server 107 or service193 of the second server 107 to send data associated with thatapplication, and if the user 125 has previously authorized the secondserver 107 or service 193 of the second server 107 to send dataassociated with that application, the requested data or installation canbe sent without requiring the user 125 to provide authorizationcredentials. Similarly, authorization application 196 determines whethera user 125 has previously authorized the second server 107 or service193 of the second server 107 to send data to the user's device 115, andif the user 125 has previously authorized the second server 107 orservice 193 of the second server 107 to send data to the user's device115, the requested data or installation can be sent without requiringthe user 125 to provide authorization credentials. In other words, theauthorization application 196 allows for a one-time authorization for aparticular application (if the application has been previouslyauthorized, then there is no need to request additional authorizationcredentials) and a one-time authorization for a particular user device115 (if the device has been previously authorized, then there is no needto request additional authorization credentials). The authorizationapplication 196 is described below in more detail with reference to FIG.8.

In some implementations, the data server 109 also includes an engagementapplication (not pictured). In some implementations, the engagementapplication can include code and routines for determining social contentto be provided to a user 125 based at least in part on a user history.As described above, the enrollment application 195 may cooperate withthe social network application 103 to aggregate user activity into auser history. In some implementations, the user activity may includeuser interactions with a third party site. In some implementations, theuser activity may occur in a social network. The enrollment application195 may cooperate with the social network application 103 to publish theuser activity in a first user's 125 social feed to a social networkservice. Alternatively, the enrollment application 195 may cooperatewith the social network application 103 to provide the user activityinto a private history for a first user 125. In some implementations,based at least in part on the user history, the engagement applicationcan cooperate with the first server 101 to determine which user activityin the history should be posted in a social feed for a second user 125upon an explicit request from the second user 125 or a determinationthat the second user 125 implicitly requests the content.

Many examples for determining social content to be provided to a user125 based at least in part on a user history may be possible may bepossible. For example, a first user 125 posted a review for a camera ona third party site or a social network. The enrollment application 195aggregated the post into a history for the first user 125. For example,the enrollment application 195 cooperated with the social networkapplication 103 to publish the post in a social feed. A second user 125ignored the post since the second user 125 felt it was not relevant.However, after a few months, the second user 125 decided to buy acamera. For example, the second user 125 had a conversation with afriend in the social network mentioning this intent. Upon the seconduser's intent, the engagement application retrieves the post about thecamera and publishes the post in the second user's 125 social feed.

The first storage device 197 can be a non-transitory memory that storesdata for providing the functionality described herein. The first storage197 may be a dynamic random access memory (DRAM) device, a static randomaccess memory (SRAM) device, flash memory or some other memory devices.In some implementations, the first storage 197 also includes anon-volatile memory or similar permanent storage device and mediaincluding a hard disk drive, a floppy disk drive, a CD-ROM device, aDVD-ROM device, a DVD-RAM device, a DVD-RW device, a flash memorydevice, or some other mass storage device for storing information on amore permanent basis.

In some implementations, the first storage 197 stores user activity dataassociated with one or more users 125. For example, the first storage197 stores a user history including user activity data associated with auser 125. In some implementations, the user history includes descriptionof one or more user interactions performed by the user 125 on the secondserver 107 or the first server 101. In some implementations, the userhistory may be a user history viewable to other users 125. In some otherinstances, the user history may be a private user history viewable tothe user 125 privately and not accessible by other users 125. In someimplementations, the enrollment application 195 may provide opt-in orout options and privacy settings.

The user device 115 a, 115 n may be a computing device that includes amemory and a processor, for example a laptop computer, a desktopcomputer, a tablet computer, a mobile telephone, a personal digitalassistant (“PDA”), a mobile email device, a portable game player, aportable music player, a television with one or more processors embeddedtherein or coupled thereto or other electronic device capable ofaccessing a network 105. In some implementations, the user device 115includes a browser 191 for accessing online services. In the illustratedimplementation, the user device 115 a is communicatively coupled to thenetwork 105 via signal line 108. The user 125 a interacts with the userdevice 115 a via signal line 110. The user device 115 n iscommunicatively coupled to the network 105. The user 125 n alsointeracts with the user device 115 n. In some implementations, theconnection application 190 acts in part as a thin-client applicationthat may be stored on the user device 115 a, 115 n and in part ascomponents that may be stored on one or more of the first server 101,the third-party server 107 and the data server 109.

In some implementations, a user 125 logs in one or more of the firstserver 101, the second server 107 and the data server 109 using auniversal login account. In some instances, a user 125 logs in each ofthe first server 101, the second server 107 and the data server 109using an individual login account.

Referring now to FIG. 2, an example of the connection application 190 isshown in more detail. FIG. 2 is a block diagram of a computing device200 that includes a connection application 190, a first processor 235, afirst memory 237, a second communication unit 245 and a storage device197 according to some examples. The components of the computing device200 are communicatively coupled by a bus 220. In some implementations,the computing device 200 can be one of a first server 101, a user device115, a second server 107 and a data server 109.

The first processor 235 includes an arithmetic logic unit, amicroprocessor, a general purpose controller or some other processorarray to perform computations and provide electronic display signals toa display device. The processor 235 is coupled to the bus 220 forcommunication with the other components via signal line 236. Processor235 processes data signals and may include various computingarchitectures including a complex instruction set computer (CISC)architecture, a reduced instruction set computer (RISC) architecture, oran architecture implementing a combination of instruction sets. AlthoughFIG. 2 includes a single processor 235, multiple processors 235 may beincluded. Other processors, operating systems, sensors, displays andphysical configurations are possible.

The first memory 237 stores instructions and/or data that may beexecuted by the processor 235. The memory 237 is coupled to the bus 220for communication with the other components via signal line 238. Theinstructions and/or data may include code for performing the techniquesdescribed herein. The memory 237 may be a dynamic random access memory(DRAM) device, a static random access memory (SRAM) device, flash memoryor some other memory device. In some implementations, the memory 237also includes a non-volatile memory or similar permanent storage deviceand media including a hard disk drive, a floppy disk drive, a CD-ROMdevice, a DVD-ROM device, a DVD-RAM device, a DVD-RW device, a flashmemory device, or some other mass storage device for storing informationon a more permanent basis.

The first communication unit 245 transmits and receives data to and fromat least one of the user device 115, the third-party server 107, thedata server 109 and the first server 101 depending upon where theconnection application 190 may be stored. The communication unit 245 iscoupled to the bus 220 via signal line 246. In some implementations, thecommunication unit 245 includes a port for direct physical connection tothe network 105 or to another communication channel. For example, thecommunication unit 245 includes a USB, SD, CAT-5 or similar port forwired communication with the user device 115. In some implementations,the communication unit 245 includes a wireless transceiver forexchanging data with the user device 115 or other communication channelsusing one or more wireless communication methods, including IEEE 802.11,IEEE 802.16, BLUETOOTH® or another suitable wireless communicationmethod.

In some implementations, the communication unit 245 includes a cellularcommunications transceiver for sending and receiving data over acellular communications network including via short messaging service(SMS), multimedia messaging service (MMS), hypertext transfer protocol(HTTP), direct data connection, WAP, e-mail or another suitable type ofelectronic communication. In some implementations, the communicationunit 245 includes a wired port and a wireless transceiver. Thecommunication unit 245 also provides other conventional connections tothe network 105 for distribution of files and/or media objects usingstandard network protocols including TCP/IP, HTTP, HTTPS and SMTP, etc.

The second storage device 297 can be a non-transitory memory that storesdata for providing the functionality described herein. The secondstorage device 297 may be a dynamic random access memory (DRAM) device,a static random access memory (SRAM) device, flash memory or some othermemory devices. In some implementations, the second storage device 297also includes a non-volatile memory or similar permanent storage deviceand media including a hard disk drive, a floppy disk drive, a CD-ROMdevice, a DVD-ROM device, a DVD-RAM device, a DVD-RW device, a flashmemory device, or some other mass storage device for storing informationon a more permanent basis. In the illustrated implementation, the secondstorage device 297 is communicatively coupled to the bus 220 via signalline 241.

In the illustrated implementation shown in FIG. 2, the connectionapplication 190 includes a first controller 202, an enrollment module204, a first user interface module 206, a user registration module 208,a data transmission module 210 and a filter module 212. These componentsof the connection application 190 are communicatively coupled to eachother via the bus 220.

The first controller 202 can be software including routines for handlingcommunications between the connection application 190 and othercomponents of the computing device 200. In some implementations, thecontroller 202 can be a set of instructions executable by the processor235 to provide the functionality described below for handlingcommunications between the connection application 190 and othercomponents of the computing device 200. In some instances, thecontroller 202 can be stored in the memory 237 of the computing device200 and can be accessible and executable by the processor 235. Thecontroller 202 may be adapted for cooperation and communication with theprocessor 235 and other components of the computing device 200 viasignal line 222.

The first controller 202 sends and receives data, via the communicationunit 245, to and from one or more of a user device 115, a first server101, a second server 107 and a data server 109. In some instances, thefirst controller 202 receives, via the communication unit 245, aregistration request for registering a user 125 with a service providedby the second server 107 from a user device 115 and sends theregistration request to the user registration module 208. In someinstances, the first controller 202 receives user activity data from thedata transmission module 210 and sends, via the communication unit 245,the user activity data to the data server 109. In some instances, thefirst controller 202 receives graphical data for providing a userinterface from the user interface module 206 and sends the graphicaldata to a user device 115, causing the user device 115 to present theuser interface to a user 125.

In some implementations, the first controller 202 receives data fromcomponents of the connection application 190 and stores the data in thesecond storage device 297. For example, the first controller 202receives data describing one or more privacy settings from the userregistration module 208 and stores the data in the second storage device297. In some implementations, the first controller 202 retrieves datafrom the second storage device 297 and sends the data to components ofthe connection application 190. For example, the first controller 202retrieves data describing one or more types of user interactionsspecified by the second server 107 from the second storage device 297and sends the data to the filter module 212.

The enrollment module 204 can be software including routines forenrolling a second server 107 with a data server 109. In someimplementations, the enrollment module 204 can be a set of instructionsexecutable by the processor 235 to provide the functionality describedbelow for enrolling a second server 107 with a data server 109. In someinstances, the enrollment module 204 can be stored in the memory 237 ofthe computing device 200 and can be accessible and executable by theprocessor 235. The enrollment module 204 may be adapted for cooperationand communication with the processor 235 and other components of thecomputing device 200 via signal line 224.

In some implementations, the enrollment module 204 cooperates with theenrollment application 195 to enroll a second server 107 with a dataserver 109, which allows the second server 107 to share user activitydata with the data server 109. For example, the enrollment module 204 ofthe connection application 190 sends an enrollment request to theenrollment application 195, causing the enrollment application 195 tosend data describing one or more requirements specified by the dataserver 109 to the enrollment module 204. The requirements can include,for example, data specifying one or more types of user interactions tobe shared with the data server 109. For example, the data requirementsindicate that the data server 109 is only interested in receivingactivity data describing certain types of user interactions with theservice 193 (e.g., whether the user 125 views videos, whether the user125 comments on an article, etc.). The enrollment module 204 presentsthe one or more requirements to an administrator of the second server107. If the administrator of the second server 107 provides an inputindicating that the administrator agrees with the requirements, theenrollment module 204 sends a signal indicating an acceptance of therequirements to the enrollment application 195, causing the enrollmentapplication 195 to enroll the second server 107 with the data server 109for sharing user activity data with the data server 109. If theadministrator disagrees with the requirements, the enrollment module 204sends a signal indicating a decline of the requirements to theenrollment application 195 and the second server 107 may not be enrolledwith the data server 109.

In some implementations, the enrollment module 204 specifies one or moretypes of user interactions to be shared with the data server 109 duringthe enrollment process. For example, the enrollment module 204 specifiesa view type and a comment type of user interactions to be shared withthe data server 109. As a result, user activity data associated with theview type and the comment type may be transmitted to the data server 109upon the consent of a user 125 associated with the user activity data.The enrollment module 204 stores the one or more types of userinteractions specified by the second server 107 in the second storagedevice 297.

As described above with respect to requirements transmitted to thesecond server 107, in some implementations the enrollment module 204 ofthe connection application 190 receives an input indicating one or moretypes of user interactions with the service 193 to be shared with thedata server 109. The enrollment module 204 works with the other entitiesof the connection application 190 to aggregate data that is of thespecified type for sharing with the data server 109.

The user registration module 208 can be software including routines forregistering a user 125 with a second server 107. In someimplementations, the user registration module 208 can be a set ofinstructions executable by the processor 235 to provide thefunctionality described below for registering a user 125 with a secondserver 107. In some instances, the user registration module 208 can bestored in the memory 237 of the computing device 200 and can beaccessible and executable by the processor 235. The user registrationmodule 208 may be adapted for cooperation and communication with theprocessor 235 and other components of the computing device 200 viasignal line 228.

In some implementations, the user registration module 208 receives aregistration request from a user 125 and instructs the user interfacemodule 206 to generate graphical data for providing a registration formto the user 125. The user interface module 206 sends the graphical datato a user device 115, causing the user device 115 to present theregistration form to the user 125. The user 125 fills out theregistration form and sends the registration form to the userregistration module 208, causing the user registration module 208 toregister the user 125 with a service provided by the second server 107.

In some implementations, the user registration module 208 receives anopt-in input from a user 125 during the registration process. In someimplementations, the user registration module 208 receives an opt-outinput from a user 125 indicating that the user 125 opts out the datasharing between the second server 107 and the data server 109.

In some implementations, the user registration module 208 receives datadescribing one or more privacy settings from the user 125 during theregistration process. In some instances, the user registration module208 receives data describing one or more types of user interactions thatthe user 125 selects to share with the data server 109. In someinstances, the user registration module 208 receives data describing aprivacy level with a social network application 103 from the user 125.The privacy level indicates, for example, one or more social connections(e.g., friends, coworkers, etc.) to which the user 125 selects topublish his or her activity data in the social network. In someimplementations, the user 125 may also configure the privacy settingsfor the data sharing via the enrollment application 195. For example,the enrollment application 195 instructs the user interface module 206to provide a user interface to the user 125, allowing the user 125 toconfigure the privacy settings via the user interface. The enrollmentapplication 195 receives the privacy settings from the user 125 via theuser interface and stores the privacy settings in the first storage 197,the second storage 297 or a combination of the first storage 197 and thesecond storage 297.

The filter module 212 can be software including routines for filteringuser activity data. In some implementations, the filter module 212 canbe a set of instructions executable by the processor 235 to provide thefunctionality described below for filtering user activity data. In someinstances, the filter module 212 can be stored in the memory 237 of thecomputing device 200 and can be accessible and executable by theprocessor 235. The filter module 212 may be adapted for cooperation andcommunication with the processor 235 and other components of thecomputing device 200 via signal line 232.

In some implementations, the filter module 212 receives, via the firstcontroller 202, user activity data describing a user interaction with aservice from the service module 193. The filter module 212 determineswhether the user activity data (or, the user interaction) can be of atype of user interactions specified by the second server 107. Forexample, if a type of user interactions specified by the enrollmentmodule 204 described above includes a view type, the filter module 212determines whether the user activity data can be categorized to the viewtype. For example, if the user activity data includes a “view” action,the filter module 212 determines that the user activity data may be ofthe view type specified by the second server 107.

If the user activity data can be categorized to the type of userinteractions specified by the second server 107, the filter module 212sends the user activity data to the data transmission module 210,causing the data transmission module 210 to send the user activity datato the data server 109. In some implementations, the filter module 212further determines whether the user 125 authorizes to share the useractivity data with the data server 109. If the user 125 has authorizedthe data sharing, the filter module 212 sends the user activity data tothe data transmission module 210 for delivering the user activity datato the data server 109. If the user 125 has not authorized the datasharing, the filter module 212 does not send the user activity data tothe data transmission module 210 and the user activity data may not bedelivered to the data server 109.

However, if the user activity data cannot be categorized to the type ofuser interactions specified by the second server 107, the filter module212 does not send the user activity data to the data transmission module210 and the user activity data may not be transmitted to the data server109.

In some implementations, the filter module 212 determines metadata inaddition to the user activity data. In some implementations, themetadata can include data describing additional information inassociation with the verbs describing actions in user interactions withthe service 193. Examples for the additional information in associationwith the verbs includes, but not limited to, an identity of a user 125who performs the action, a date and a time of the action and a subjectto which the user 125 performs the action. Other examples are possible.In some implementations, the filter module 212 receives the metadatafrom the service module 193. In some implementations, the filter module212 generates the metadata describing the additional informationassociated with the verbs and adds the metadata to the user activitydata. The filter module 212 transmits the metadata along with the useractivity data to the data transmission module 210 for the transmissionof the data to the data server 109. In some implementations, the filtermodule 212 determines metadata in association with certain types ofverbs describing user interactions. For example, the filter module 212determines metadata for a view type of user interactions and transmitsthe metadata in association with the view type actions to the datatransmission module 210.

The first user interface module 206 can be software including routinesfor generating graphical data for providing user interfaces. In someimplementations, the user interface module 206 can be a set ofinstructions executable by the processor 235 to provide thefunctionality described below for generating graphical data forproviding user interfaces. In some instances, the user interface module206 can be stored in the memory 237 of the computing device 200 and canbe accessible and executable by the processor 235. The user interfacemodule 206 may be adapted for cooperation and communication with theprocessor 235 and other components of the computing device 200 viasignal line 226.

In some implementations, the first user interface module 206 generatesgraphical data for providing a user interface that depicts aregistration form. The user interface module 206 sends the graphicaldata to a user device 115 operated by a user 125, causing the userdevice 115 to present the registration form to the user 125 via the userinterface. In some implementations, the user interface module 206generates graphical data for providing a user interface that depicts oneor more privacy settings. The user interface module 206 sends thegraphical data to a user device 115, causing the user device 115 topresent the user interface to the user 125. The user 125 may configurethe privacy settings via the user interface. For example, the user 125specifies a privacy level with a social network application 103 via theuser interface.

In some implementations, the user interface module 206 generatesgraphical data for providing a user interface that allows a user 125 toconfigure the publication of the user activity data. For example, theuser interface allows a user 125 to select a subset of user activitydata to be published, one or more social connections to which the subsetof user activity data may be published or whether to publish the subsetof user activity data privately in the private history of the user 125or in the social network to other users 125 that are approved by theuser 125, etc. In some implementations, the user interface module 206may generate graphical data for providing other user interfaces to users125.

In some implementations, the user interface module 206 determines userinterface data for displaying a user interface that allows a user 125who interacts with a widget on a third party site to connect a foreignaccount to a local account of the user 125. For example, the userinterface module 206 receives a control signal from the data server 109for providing a user interface to a user 125 who clicks a widget on athird party site. For example, the user interface allows the user 125 toselect if the user 125 likes to connect a foreign account (e.g., asocial account with the social network application 103) to a localaccount (e.g., an account with the second server 107).

If the user 125 selects to connect the social account with the thirdparty account, the first controller 202 receives the user's 125selection as well as social account login information from the user 125and sends the information to the user registration module 208 forconnecting the user's 125 third party account with the social account.In some implementations, the first controller 202 also sends a signalindicating the account connection for the user 125 to the data server109. If the user 125 does not agree with accounts connection, the firstcontroller 202 does not control the user registration module 208 toconnect accounts for the user 125, nor does the first controller 202sends the connection signal to the data server 109.

The data transmission module 210 can be software including routines fortransmitting user activity data to the data server 109. In someimplementations, the data transmission module 210 can be a set ofinstructions executable by the processor 235 to provide thefunctionality described below for transmitting user activity data to thedata server 109. In some instances, the data transmission module 210 canbe stored in the memory 237 of the computing device 200 and can beaccessible and executable by the processor 235. The data transmissionmodule 210 may be adapted for cooperation and communication with theprocessor 235 and other components of the computing device 200 viasignal line 230.

In some implementations, the data transmission module 210 receives useractivity data from the filter module 212. The data transmission module210 transmits the user activity data to the data server 109 via thefirst controller 202 and the first communication unit 245.

Referring now to FIG. 3, an example of the enrollment application 195 isshown in more detail. FIG. 3 is a block diagram of a computing device300 that includes a second communication unit 345, a second processor335, a second memory 337 and a first storage device 197 according tosome examples. The components of the computing device 300 arecommunicatively coupled by a bus 320. In some implementations, thecomputing device 300 can be one of a first server 101, a user device115, a second server 107 and a data server 109.

The second communication unit 345, second processor 335 and secondmemory 337 provide similar functionality as described above for thefirst communication unit 245, the first processor 235 and the firstmemory 237, respectively. Accordingly, these descriptions will not berepeated here. In the illustrated implementation, the secondcommunication unit 345 is communicatively coupled to the bus 320 viasignal line 346, the second processor 335 is communicatively coupled tothe bus 320 via signal line 336 and the second memory is communicativelycoupled to the bus 320 via signal line 338. The first storage 197 isdescribed above with reference to FIG. 1, and the description will notbe repeated here. In the illustrated implementation, the first storage197 is communicatively coupled to the bus 320 via signal line 341.

In the illustrated implementation shown in FIG. 3, the enrollmentapplication 195 includes a second controller 302, a determination module304, a second user interface module 306, a restriction module 308 and anoutput module 310. These components of the enrollment application 195are communicatively coupled to each other via the bus 320.

The second controller 302 can be software including routines forhandling communications between the enrollment application 195 and othercomponents of the computing device 300. In some implementations, thesecond controller 302 can be a set of instructions executable by thesecond processor 335 to provide the functionality described below forhandling communications between the enrollment application 195 and othercomponents of the computing device 300. In some instances, the secondcontroller 302 can be stored in the second memory 337 of the computingdevice 300 and can be accessible and executable by the second processor335. The second controller 302 may be adapted for cooperation andcommunication with the second processor 335 and other components of thecomputing device 300 via signal line 322.

The second controller 302 sends and receives data, via the communicationunit 345, to and from one or more of a user device 115, a first server101, a second server 107 and a data server 109. In some instances, thesecond controller 302 receives, via the second communication unit 345,an input specifying one or more types of user interactions to betransmitted to the data server 109 from the second server 107. In someinstances, the second controller 302 receives, via the secondcommunication unit 345, an indication that a user 125 has registeredwith a service provided by the second server 107. In some instances, thesecond controller 302 receives, via the second communication unit 345,user activity data describing user interactions with a service providedby the second server 107 that is of the specified type from the secondserver 107. In some instances, the second controller 302 receives, viathe second communication unit 345, an input specifying content approvedby a user 125 to be provided to a user device 115 from the second server107.

In some implementations, the second controller 302 receives data fromother components of the enrollment application 195 and stores the datain the first storage 197.

In some implementations, the second controller 302 transmits to thesecond server 107 a requirements input that describes one or more typesof user activity data to the shared with the data server 109. In someimplementations, the requirements input is determined based on an inputprovided by an administrator of the data server 109, an input providedby the user 125 or a combination of an input provided by theadministrator of the data server 109 and an input provided by the user125. In some implementations, the second controller 302 transmits theuser activity data to the social network application 103.

The determination module 304 can be software including routines fordetermining whether a user 125 has approved of content. In someimplementations the determination module 304 can be a set ofinstructions executable by the second processor 335 to provide thefunctionality described below for determining whether a user 125 hasapproved of content. In some instances, the determination module 304 canbe stored in the second memory 337 of the computing device 300 and canbe accessible and executable by the second processor 335. Thedetermination module 304 may be adapted for cooperation andcommunication with the second processor 335 and other components of thecomputing device 300 via signal line 324.

In some implementations, the determination module 304 receives, via thesecond controller 302, user activity data describing a user interactionwith a service provided by the second server 107 (e.g., service 193).The determination module 304 determines whether the user activity datahas been approved by a user 125 to be provided to a user device 115. Forexample, if an input from a user 125 specifying content approved by theuser 125 indicates that the user 125 has approved the user activitydata, the determination module 304 determines that the user activitydata has been approved by the user 125 and delivers the user activitydata to the restriction module 308 for further processing regarding theapproved user activity data. If the input indicates that the user 125has not approved the user activity data, the determination module 304does not send the user activity data to the restriction module 308 andthe user activity data may not be provided to the user device 115operated by the user 125.

The second user interface module 306 can be software including routinesfor generating graphical data for providing a graphical user interfaceto the user device 115. In some implementations the second userinterface module 306 can be a set of instructions executable by theprocessor 335 to generate graphical data for providing the userinterfaces described below with reference to FIGS. 8 and 9. The userinterface module 306 sends the graphical data to a user device 115,causing the user device 115 to present the graphical user interface tothe user 125. The user 125 provides inputs to the graphical userinterface using the user device 115, thereby providing the inputsnecessary for the determination module 304 to perform its function. Insome implementations, the user interface module 306 can be a set ofinstructions executable by the processor 335 to provide thefunctionality described above for generating graphical data forproviding user interfaces. In some instances, the user interface module306 can be stored in the memory 337 of the computing device 300 and canbe accessible and executable by the processor 335. The user interfacemodule 306 may be adapted for cooperation and communication with theprocessor 335 and other components of the computing device 300 viasignal line 326.

The restriction module 308 can be software including routines fordetermining whether the user activity data is restricted. Thefunctionality of the restriction module 308 is described in more detailwith reference to FIG. 6C. The restriction module 308 may be adapted forcooperation and communication with the processor 335 and othercomponents of the computing device 300 via signal line 328.

In some implementations, the restriction module 308 determines a type ofthe interaction described by the approved user activity data. Forexample, the restriction module 308 receives, via the second controller302, an input specifying a type of a user interaction associated withthe user activity data. The restriction module 308 determines whetherthe type of the user interaction is a user specified type, e.g., a“view” type. If the type of the user interaction cannot be categorizedto the “view” type, the restriction module 308 sends the user activitydata to the output module 310 for providing the approved user activitydata to a public social feed to the user device 115. Accordingly, insome embodiments the user activity data is restricted if it relates to aview type since the user 125 may want to keep this information private.For example, the user 125 may not want other users 125 to know whatvideos they are watching. If the type of the user interaction can becategorized to the “view” type, the restriction module 308 appliesadditional restrictions to the approved user activity data. If the useractivity data is not restricted then the restriction module 308 may sendthe content describing the approved action to the output module 310 forproviding the content to a public user social feed on a social networkservice. If the user activity data is restricted then the restrictionmodule 308 instructs the output module 310 to provide the approvedaction to a private history of the user 125 not accessible to otherusers 125.

The output module 310 can be software including routines for providinguser approved activity data to the user 125. In some implementations,the output module 310 can be a set of instructions executable by theprocessor 335 to provide the functionality described below fortransmitting approved user activity data to the social networkapplication 103. In some instances, the output module 310 can be storedin the memory 337 of the computing device 300 and can be accessible andexecutable by the processor 335. The output module 310 may be adaptedfor cooperation and communication with the processor 335 and othercomponents of the computing device 300 via signal line 330.

In some implementations, the output module 310 sends approved useractivity data to a user social feed on a social network service providedby the social network application 109. In some implementations, theoutput module 310 provides approved user activity to a private historyof the user 125 not accessible to other users 125.

Referring now to FIG. 4, an example of the sharing application 188 isshown in more detail. FIG. 4 is a block diagram of a computing device400 that includes a third communication unit 345, a third processor 335,a third memory 337 and a first storage device 197 according to someexamples. The components of the computing device 400 are communicativelycoupled by a bus 420. In some implementations, the computing device 400can be one of a first server 101, a user device 115, a second server 107and a data server 109.

The third communication unit 445, third processor 435 and third memory437 provide similar functionality as described above for the firstcommunication unit 245, the first processor 235 and the first memory237, respectively. Accordingly, these descriptions will not be repeatedhere. In the illustrated implementation, the third communication unit445 is communicatively coupled to the bus 420 via signal line 446, thethird processor 435 is communicatively coupled to the bus 420 via signalline 436 and the third memory is communicatively coupled to the bus 420via signal line 438. The first storage 197 is described above withreference to FIG. 1, and the description will not be repeated here. Inthe illustrated implementation, the first storage 197 is communicativelycoupled to the bus 420 via signal line 441.

In the illustrated implementation shown in FIG. 4, the sharingapplication 188 includes a third controller 402, an identificationmodule 404, an authentication module 406 and an encryption module 408.These components of the sharing application 188 are communicativelycoupled to each other via the bus 420.

The third controller 402 can be software including routines for handlingcommunications between the sharing application 188 and other componentsof the computing device 400. In some implementations, the thirdcontroller 402 can be a set of instructions executable by the thirdprocessor 435 to provide the functionality described below for handlingcommunications between the sharing application 188 and other componentsof the computing device 400. In some instances, the third controller 402can be stored in the third memory 437 of the computing device 400 andcan be accessible and executable by the third processor 435. The thirdcontroller 402 may be adapted for cooperation and communication with thethird processor 435 and other components of the computing device 400 viasignal line 422.

The third controller 402 sends and receives data, via the communicationunit 445, to and from one or more of a user device 115, a first server101, a second server 107 and a data server 109. In some instances, thethird controller 402 receives, via the communication unit 445, anindication that a user 125 interacted with a widget on a third part sitefrom the second server 107. In some instances, the third controller 402receives, via the communication unit 445, an input identifying thesecond server 107. In some instances, the third controller 402 receives,via the communication unit 445, a user authorization signal from thefirst server 101 and sends information about a user 125, via thecommunication unit 445, to the second server 107 upon receiving the userauthorization signal.

In some implementations, the third controller 402 receives data from thecomponents of the sharing application 188 and stores the data in thefirst storage 197.

The identification module 404 can be software including routines foridentifying a second server 107 and determining whether the secondserver 107 has been enrolled with the data server 109. In someimplementations, the identification module 404 can be a set ofinstructions executable by the third processor 435 to provide thefunctionality described below for identifying a second server 107 anddetermining whether the second server 107 has been enrolled with thedata server 109. In some instances, the identification module 404 can bestored in the third memory 437 of the computing device 400 and can beaccessible and executable by the third processor 435. The identificationmodule 404 may be adapted for cooperation and communication with thethird processor 435 and other components of the computing device 400 viasignal line 424.

In some implementations, the identification module 404 receives, via thethird controller 402, an input that identifies a second server 107. Theidentification module 404 determines whether the second server 107 hasbeen enrolled with the data server 109 based at least in part onidentity information of the second server 107 specified by the input(e.g., an identity code, a unique registration number, etc.). Anenrollment process for enrolling a second server 107 with the dataserver 109 has been described above with reference to FIG. 2. Forexample, as described above, the enrollment module 204 cooperates withthe enrollment application 195 to enroll a second server 107 with a dataserver 109 upon an acceptance of requirements specified by anadministrator of the second server 107. In some implementations, theidentification module 404 determines that the second server 107 has beenenrolled with the data server 109 and sends an enrollment signalindicating the enrollment of the second server 107 to the authenticationmodule 406 for further processing. If the identification module 404determines that the second server 107 has not been enrolled with thedata server 109, the identification module 404 does not provide userinformation to the second server 107.

The authentication module 406 can be software including routines fordetermining whether a user 125 permits to share user information. Insome implementations, the authentication module 406 can be a set ofinstructions executable by the third processor 435 to provide thefunctionality described below for determining whether a user 125 permitsto share user information. In some instances, the authentication module406 can be stored in the third memory 437 of the computing device 400and can be accessible and executable by the third processor 435. Theauthentication module 406 may be adapted for cooperation andcommunication with the third processor 435 and other components of thecomputing device 400 via signal line 426.

In some implementations, the authentication module 406 receives, via thethird controller 402, an indication that a user 125 interacted with awidget on a third party site from the second server 107. For example,the user 125 logs in a third party site and clicks on a “share” buttonfor sharing an article provided by the third party site to the user's125 social content in a social network service. The second server 107specifies an identity of the user 125 based at least in part on logininformation of the user 125 and sends an indication describing the userinteraction as well as the identity of the user 125 to the data server109. The authentication module 406 determines the identity of the user125 based at least in part on the indication from the second server 107.

In some implementations, the authentication module 406 determineswhether the user 125 permits to share the user's 125 information storedin the social graph to an enrolled second server 107. If the user 125permits the data server 109 to share user information with the enrolledsecond server 107, the authentication module 406 sends an authorizationsignal indicating the authorization of the user 125 to the encryptionmodule 408 for providing user information to the enrolled second server107. If the user 125 declines to share information with the secondserver 107, the authentication module 406 does not provide informationof the user 125 to the second server 107.

The encryption module 408 can be software including routines forencrypting the user information. In some implementations, the encryptionmodule 408 can be a set of instructions executable by the thirdprocessor 435 to provide the functionality described below forencrypting the user information. In some instances, the encryptionmodule 408 can be stored in the third memory 437 of the computing device400 and can be accessible and executable by the third processor 435. Theencryption module 408 may be adapted for cooperation and communicationwith the third processor 435 and other components of the computingdevice 400 via signal line 428.

In some implementations, the encryption module 408 receives, via thethird controller 402, an enrollment signal and an authorization signalfrom the identification module 404 and the authentication module 406respectively. Responsive to receiving these two signals the encryptionmodule 408 retrieves information of the user 125 from the social graphand encrypts the information. For example, the encryption module 408applies encryption techniques to encode the information and sends, viathe third controller 402, the encoded information and optionally aprivate key to the second server 107, allowing a secured transmissionand preventing the second server 107 to further spread the userinformation to other unauthorized second servers 107.

Referring now to FIG. 5, an example of a method 500 for providing thirdparty modifications to a user history is described. In the illustratedimplementation, the method 500 can include receiving 502 an inputspecifying one or more types of actions to be transmitted to theenrollment application 195 included in the data server 109. For example,the connection service provided by the connection application 190communicates with the enrollment application 195 to provide an inputspecifying one or more types of activities to be reported to the datamanagement service provided by the enrollment application 195. Theenrollment application 195 receives 502 the input. The method 500 canalso include receiving 504 activity data describing user actions fromthe connection application 190. The method 500 can include receiving 506a selection from the user device 115 specifying actions described byactivity data that can be provided to the user 125. The method 500 maycontinue by providing 508 the activity data describing the specifiedactions to the user 125.

Referring now to FIGS. 6A-6C, another example of a method 600 forproviding third party modifications to a user history is described.Turning to FIG. 6A, the method 600 can include receiving 602 an inputgenerated by the second server 107. The input specifies one or moretypes of actions to be transmitted to the enrollment application 195included in the data server 109. For example, the input specifies thatthe “view” actions associated with a user 125 viewing a video will betransmitted to the enrollment application 195. In some implementations,the input received by the enrollment application 195 at step 602 can begenerated by the user device 115. For example, the user 125 uses theuser device 115 to specify the types of actions that the enrollmentapplication 195 will receive information about. In some instances, theinput received at step 602 can be generated by a combination of one ormore of the second server 107 (e.g., the connection application 190),the first server 101, the enrollment application 195 and the user device115.

The method 600 can also include receiving 604 an indication that theuser 125 has registered with the connection application 190 provided bythe second server 107. For example, the second server 107 transmitsregistration data to the enrollment application 195 and the registrationdata includes an indication that the user 125 has registered with theservice provided by the second server 107. The method 600 can includereceiving 606 an activity data set describing user interactions withsecond server 107 performed by one or more registered users 125 that isof the type specified at step 602. The activity data set may includeactivity data describing the actions of one or more registered users 125with the first service 193. In some implementations, receiving 606 anactivity data set describing user interactions with second server 107can be repeated two or more times so that the enrollment application 195receives multiple sets of activity data from the second server 107describing the actions of one or more registered users 125.

The method 600 can also include receiving 608 an input from the userdevice 115 specifying which content from the activity data set receivedat step 606 is approved by the user 125 to be provided to the userdevice 115. For example, the approved actions can be included in socialfeed associated with the user 125 on the social network application 103.The user 125 may select content including a subset of activity data fromthe activity data received from the second server 107 at step 606. Theselected content may then be included in the social feed for the user125 as provided by the social network application 103.

Referring to FIG. 6B, the method 600 can include determining 620 whetherthe user 125 has approved actions described by the activity data. If theuser 125 has not approved an action, the method 600 may continue by notproviding 621 this action to the social network service or the user 125.If the user 125 has approved the action, the method 600 may continue bydetermining 622 a type of user interactions associated with the contentapproved by the user 125. The method 600 can also include determining624 whether the type of user interactions is of a user specified type.For example, the user specified type may be a view type. If the type ofuser interactions may not be categorized to the user specified type(e.g., the view type), the method 600 may continue by providing 626 theapproved content publicly to the user device 115 or the social networkservice. Otherwise, the method 600 may move to step 628.

In some implementations, additional restrictions can be applied.Referring to FIG. 6C, the method 600 can include determining 630 whethera restriction applies to making the content publicly available. If arestriction does not apply, the method 600 may continue by providing 632the content describing the approved action publicly to the user device115 or the social network service. Otherwise, the method 600 maycontinue by providing 634 the approved action to a private history ofthe user 125.

Referring now to FIGS. 7A-7B, an example of a method 700 for sharinguser information with a second server 107 is described. Turning to FIG.7A, the method 700 can include receiving 702 an indication that a user125 interacted with a second server 107. For example, the sharingapplication 188 receives an indication from a second server 107describing that a user 125 logs in a third party site and clicks awidget on the third party site. The indication may also include logininformation for the user 125. The method 700 can also include receiving704 an input identifying the second server 107. For example, the sharingapplication 188 receives an input from the second server 107 thatincludes identity information (e.g., an identity code) about the secondserver 107. The method 700 can include determining 706 whether thesecond server 107 has been enrolled with the data server 109 or thefirst server 101. If the second server 107 has not been enrolled withthe data server 109 or the first server 101, the method 700 may continueby not providing 712 the user information to the second server 107.

If the second server 107 has been enrolled with the data server 109 orthe first server 101, the method 700 may continue by applying additionalrestrictions before sharing the user information. In the illustratedimplementation, the method 700 may continue by determining 708 anidentity of the user 125. For example, the sharing application 188determines an identity of the user 125 based at least in part on theinput from the second server 107 including, e.g., login information ofthe user 125. The method 700 can also include determining 710 whetherthe user 125 has permitted sharing of information with the second server107. In some implementations, the determination includes determine whichspecific information the user has permitted sharing with the secondserver. For example, the user may only permit the second server to viewa select list of user contacts, or specific email addresses associatedwith the user. In such implementation, the user has control of whatspecific information is provided to the second server. This may be donewhen the user sets up the user's account or may also be edited by theuser. If the user 125 has not permitted sharing of user information, themethod 700 may continue by not providing 712 the user information to thesecond server 107.

Referring to FIG. 7B, if the user 125 has permitted sharing of userinformation, the method 700 may continue by retrieving 714 userinformation for the user 125 from the social graph provided by thesocial network application 103. The method 700 can also includeencrypting 716 the user information and providing 718 the encrypted userinformation to the second server 107.

FIG. 8A is a flowchart of an example method 800 for automaticallyauthorizing data transfer from a second server 107 to a user device 115.As shown in FIG. 8, the method 800 can include receiving 802 a requestfor data from a user 125 of a user device 115. For example, the sharingapplication 188 and/or authorization application 196 receives anindication from a second server 107 describing that a user 125 logs in athird party site and selects an application available on the third partysite for installation on the user's device 115. In some implementations,the user device 115 may be a mobile phone. In some implementations, theuser device 115 tablet computer. The method 800 can include receiving804 information associated with the user 125 and information associatedwith the user device 115 that originated the request for data. Forexample, the authorization application 196 receives informationassociated with the user device 115 from the first storage device 197.The information may be user identification information, previousauthorization information, user device 115 identification information,and other information identifying the user 125 and user device 115. Themethod 800 can further include determining 806 whether the user haspreviously provided authorization for a particular application availableon the third party site. If the user has not previously providedauthorization for the particular application (806—No), the method 800can further include determining 808 whether the user has previouslyprovided authorization for the user device 115. If the user also has notpreviously provided authorization for the user device 115 (808—No), thenthe method can further include requesting 812 authorization credentialsfrom the user. Once the authorization credentials are received 814, datais sent 810 to the user device. For example, the second server 107pushes the installation of the application on the user device 115. Insome implementations, the second server 107 may push installation of theapplication to a second user device 115 where the user has logged onto.

If the user has previously provided authorization for the particularapplication (806—Yes), then data is sent 810 to the user device. Forexample, the second server 107 pushes the installation of theapplication on the user device 115. Similarly, if the user haspreviously provided authorization for the user device 115 (808—Yes),data is sent 810 to the user device. For example, the second server 107pushes the installation of the application on the user device 115. Inthe foregoing examples, the installation of the application can happenautomatically and the second server 107 does not need to requestauthorization credentials from the user 125.

FIG. 8B is a flowchart of another example method 800B for automaticallyauthorizing data transfer from a second server 107 to a user device 115.In some implementations, a second service is implemented on the secondserver 107 and data is transferred from the second service to the userdevice 115. As shown in FIG. 8B, the method 800B can include receiving820 a request approval of data transmission. For example, the sharingapplication 188 and/or authorization application 196 receives anindication from a second server 107 describing that a user 125 logs in athird party site and selects an application available on the third partysite for installation on the user's device 115. In some implementations,the user device 115 may be a mobile phone. In some implementations, theuser device 115 tablet computer. The method 800B can include receiving822 information associated with the user 125 and information associatedwith the user device 115 that originated the request for data. Forexample, the authorization application 196 receives informationassociated with the user device 115 from the first storage device 197.The information may be user identification information, previousauthorization information, user device 115 identification information,and other information identifying the user 125 and user device 115. Themethod 800B can further include determining 8824 whether the user haspreviously granted access to a second service to a first service usingthe device. If the user has not previously granted access to the secondservice to the first service using the device (824—No), the method 800B,then the method 800B may further include requesting 830 authorizationcredentials from the user. If the user has previously granted access tothe second service to the first service using the device (824—Yes), themethod 800B may further include determining 826 whether a second userdevice has been previously granted access to the first service. If thesecond user device has not been previously granted access to the firstservice (826—No), then the method can further include requesting 812authorization credentials from the user. If the second user device hasbeen previously granted access to the first service (826—Yes), themethod 800B may further include sending 828 approval to transmit data.For example, the second service implemented on the second server 107pushes the installation of an application on the user device 115. Insome implementations, the second service implemented on the secondserver 107 may push installation of the application to a second userdevice 115 where the user has logged onto.

Once the authorization credentials are received 832, approval totransmit data is sent 828 to the user device. For example, the secondserver 107 pushes the installation of the application on the user device115. In some implementations, the second server 107 may pushinstallation of the application to a second user device 115 where theuser has logged onto.

FIG. 9A is a flowchart of an example method 900A for generatinginteractive user posts. As shown in FIG. 9A, the method 900A can includereceiving 902 content for publishing at a first server 101, for example,a social network server, including a plurality of data items. In someimplementations, the content for published including the plurality ofdata items is received from a user device 115. As an example, a user 125may send data to the first server 101 that includes information (forexample, a post) and a link to a website. The method 900A can furtherinclude receiving 904, from a second server 107, data associated withthe plurality of data items. In some implementations, the dataassociated with the plurality of data items is received from a secondserver 107, for example a third party server. For example, the dataassociated with the plurality of data items can be a uniform resourcelocator (URL) for each data item. The method 900A can further includegenerating 906, at the first server, a user post that includes arepresentation of each of the plurality of data items. For example, thefirst server 107 can generate a user post that includes the informationfrom the user 125 and a link that directs to the webpage associated withthe URL. The method 900A can also include receiving 908 a selection, atthe first server, of at least one of the plurality of data items. Insome implementations, the selection is received from a user device 115.The method 900A can further include generating 910 an action directed tothe second server corresponding to the selection. For example, ifanother user selects the link in the post, the first server 107 directsthe user to the website, hosted by a second server, associated with thatlink. In this example, the post may have multiple links that direct tomultiple websites or webpages. In some implementations, the plurality ofdata items includes a plurality of links, each directed to an action ona second server.

FIG. 9B is a flowchart of another example method 900B for generatinginteractive user posts. As shown in FIG. 9B, the method 900B can includereceiving 920, at the first server 101, content for publishing includingat least one data item. In some implementations, the content forpublishing including the data item is received from a user device 115.In some implementations, the content for publishing including the dataitem is received from a second server 107. The method 900B can furtherinclude receiving data 922 associated with the data item from the secondserver 107. In some implementations, the data associated with the dataitem is received from a second server 107, for example, a third partyserver. In some implementations, the data associated with the data itemis received from a user device 115. The method 900B can further includegenerating 924 a user post by the first server that includes a dynamicrepresentation of the plurality of data item. The method 900B can alsoinclude receiving 926 an update associated with the data item from thesecond server. In some implementations, the update is received from theuser device 115. In some implementations, the update is received fromthe second server 107, for example, a third party server. The method900B can further include generating 928, by the first server, an updatedpost including an update to the dynamic representation of the data item.In this example, the post may have a real time update

In some implementations, the interactive posts generated can includevarious data items within the interactive post. For example, aninteractive post can include links or points to multiple targets. Asanother example, in some implementations, an interactive post caninclude a dynamic counter in the post that updates when updatedinformation is available. For example, the dynamic counter can display anumber of items available from a third party supplier associated withthe second server 107. In some implementations, the interactive post mayinclude multiple button, each button having different icon. As anotherexample, the interactive post may include a personalized URL. In someimplementations, the interactive post may include button has keep apersistent state and upon a user selection. In some implementations, theinteractive post may include graphic representation of users who haveinteracted with the post. In some implementations, the interactive postsmay be coalesced and bundled together based on various factors.

FIG. 10 is a flowchart of an example method 100 for generating useractivity information. As shown in FIG. 10, the method 1000 can includereceiving 1002 activity information associated with a user from a firstserver 101. For example, activity information associated with the useractivity may be received from a first server 101, for example, a socialnetwork server and the user activity may be user activity information onthe user's social network Additionally, activity information related touser activity on a second server 107 or website may also be received.For example, if a user purchased an item, the activity (upon userconsent) is received. Other activity information related to useractivity on the second server 107 is also received. The method 1000 canfurther receiving 1002 data associated with the activity informationfrom a second server 107. For example, if the user purchase an item, thedata associated with the purchased, for example the item description orthe price, may also be received. The method 1000 can also includeaggregating 1004 activity information at the first server. For example,the received activity information may be collected and aggregated on thefirst server. The activity information may include activity on the firstserver. The first server may be a social network server and the activityinformation may be activity on the social network. The activityinformation may include user activity information on various otherservers, for example, servers hosting various third party websites. Themethod 1000 can further include determining, by the first server, 1008associated information related to aggregated activity information. Theassociated information may be information related to the aggregatedactivity information. For example, if the user viewed a video hosted bya second server, the associated information may be how many times theuser viewed the video or whether the user commented on the video. Themethod 1000 also includes sending 1010 associated information fordisplay on a user device. The method 1000 also includes sending 1010associated information to the second server for display on a userdevice. For example, the information related to the user activity(including the activity information on a third party website, otherwebsite, or social network) may be displayed on the third party website.For example, the information related to the user activity (including theactivity information on a third party website, other website, or socialnetwork) may be displayed on the user's social network, or presented tothe user with the option to display.

FIG. 11 is a graphic representation of an example user interface 1100 ofa social network portal 1102 displaying activity summaries for a user125. The social network portal 1102 includes various sections accessibleby icons 1104 a, 1104 b, 1104 c, 1104 d. In this graphic representationof an example user interface 1100, the section icons 1104 a, 1104 b,1104 c, 1104 d are displayed on a display device associated with theuser device 115. The user interface 1100 includes activity summaries1106 a, 1106 b, 1106 c. The activity summaries may also be referred toas “share suggestions.” Each share suggestion 1106 a, 1106 b, 1106 c mayinclude one or more graphic representations 1108 a, 1108 b, 1108 c, 1108d of user activities described by the user activity data. Each sharesuggestion 1106 a, 1106 b, 1106 c may also include an activitydescription 1110 that describes the user activity.

As illustrated in this representation, user activity is organized andgrouped by type of activity (e.g., verbs including “comment,” “listen,”upload,” “view,” etc.) and displayed accordingly. In this example, theactivity summaries 1106 a, 1106 b, 1106 c also include a checkbox 1112that may be used to allow the user 125 to approve the information in theshare suggestion 1106 a, 1106 b, 1106 c to other users 125 (e.g., theuser 125 specifies the content to be provided as described above withreference to FIG. 6A). In other examples, another equivalent mechanismmay provide this capability.

FIG. 12 is a graphic representation of another example user interface1200 of a social network portal displaying activity summaries for a user125. Similar to the example social network portal 1202 depicted in FIG.11, the social network portal 1202 includes various sections accessibleby icons 1204 a, 1204 b, 1204 c, 1204 d. In this graphic representationof an example user interface 1200, the section icons 1204 a, 1204 b,1204 c, 1204 d are displayed on a display device associated with theuser device 115. The user interface 1200 includes activity summaries1206 a, 1206 b, 1206 c. Each share suggestion 1206 a, 1206 b, 1206 c mayinclude one or more graphic representations 1208 a, 1208 b, 1208 c, 1208d of user activity. Each share suggestion 1206 a, 1206 b, 1206 c mayalso include activity description 1210.

Similar to the user interface 1100, user activity illustrated in thisrepresentation of user interface 1200 is also organized and grouped bytype of activity (e.g., verbs including “comment,” “listen,” upload,”“view,” etc.) and displayed accordingly. In this example, the activitysummaries 1206 a, 1206 b, 1206 c also include a checkbox 1212 that maybe used to allow the user 125 to approve the information in the sharesuggestion 1206 a, 1206 b, 1206 c to other users 125 (e.g., the user 125specifies the content to be provided as described above with referenceto FIG. 6A). In other examples, another equivalent mechanism may providethis capability.

FIG. 13 is a graphic representation of an example user interface 1300 ofa social network portal 1302 displaying an interactive post of a user125. In this example, the interactive post of the user 125 can includemultiple targets or links within the interactive post, each target orlink with its own action. In some implementations, the social networkportal 1302 can include a user post 1304, graphic representation of theuser 1306, and comment area 1308. In the illustrated example, the userpost 1304 includes three links 1310, 1312, 1314 with three differentdestinations 1320, 1322, 1324. In the illustrated example, shown in FIG.13, when a user selects link 1310, the user is directed to the socialnetwork portal 1320 of the shopping website. In the illustrated example,shown in FIG. 13, when a user selects link 1312, the user is directed toa video demonstration available on another online portal 1322. In theillustrated example, shown in FIG. 13, when a user selects link 1314,the user is directed to the portal 1324 that allows the user to purchasea product associated with the user post 1304.

The aforementioned example user interface c00 illustrates one example ofan interactive post of a user. In other implementations, the interactivepost may include a dynamic counter that is associated with an inventoryor item availability of a third party site. For example, the third partysite may be a site that allows users to purchase movie theater ticketsfor various movies. In this example, the interactive post may include acounter that displays the number of tickets available from the thirdparty site. As tickets are bought by other users, the counter may beupdated to reflect the current number of tickets available.

In some implementations, the information and user activity describedabove can be analysed and used for analytical purposes. For example, oneimplementation can track activities sent and present the information ona graphical user interface showing, for example, a graph or a chart ofthe tracked information. In another implementation, the actions on thetargets or links within a post can be tracked. In some implementations,this tracked information can be used to further enhance the posts beingdisplayed. In some implementations, the enhancements can includechanging the font of the links or targets in the post (for example,increasing the size of frequently selected links or targets). In someimplementations, the enhancements can include changing the presentationorder of the links or targets. For example, if one link or target ismore frequently selected, then that link or target may changed to bepresented on the top of the post. In some implements, the number of newusers acquired from a post or the number of new applications installedbecause of a post may also be tracked.

In the above description, for purposes of explanation, numerous specificdetails are set forth in order to provide a thorough understanding ofthe specification. It will be apparent, however, to one skilled in theart that the disclosure can be practiced without these specific details.In some instances, structures and devices are shown in block diagramform in order to avoid obscuring the description. For example, thepresent implementations can be described above primarily with referenceto user interfaces and particular hardware. However, the presentimplementations can apply to any type of computing device that canreceive data and commands, and any peripheral devices providingservices.

Reference in the specification to “some implementations” or “someinstances” means that a particular feature, structure, or characteristicdescribed in connection with the implementations or instances can beincluded in at least one implementation of the description. Theappearances of the phrase “in some implementations” in various places inthe specification are not necessarily all referring to the sameimplementations.

Some portions of the detailed descriptions that follow are presented interms of algorithms and symbolic representations of operations on databits within a computer memory. These algorithmic descriptions andrepresentations are the means used by those skilled in the dataprocessing arts to most effectively convey the substance of their workto others skilled in the art. An algorithm is here, and generally,conceived to be a self consistent sequence of steps leading to a desiredresult. The steps are those requiring physical manipulations of physicalquantities. Usually, though not necessarily, these quantities take theform of electrical or magnetic signals capable of being stored,transferred, combined, compared, and otherwise manipulated. It hasproven convenient at times, principally for reasons of common usage, torefer to these signals as bits, values, elements, symbols, characters,terms, numbers or the like.

It should be borne in mind, however, that all of these and similar termsare to be associated with the appropriate physical quantities and aremerely convenient labels applied to these quantities. Unlessspecifically stated otherwise as apparent from the following discussion,it is appreciated that throughout the description, discussions utilizingterms including “processing” or “computing” or “calculating” or“determining” or “displaying” or the like, refer to the action andprocesses of a computer system, or similar electronic computing device,that manipulates and transforms data represented as physical(electronic) quantities within the computer system's registers andmemories into other data similarly represented as physical quantitieswithin the computer system memories or registers or other suchinformation storage, transmission or display devices.

The present implementations of the specification can also relate to anapparatus for performing the operations herein. This apparatus may bespecially constructed for the required purposes, or it may include ageneral-purpose computer selectively activated or reconfigured by acomputer program stored in the computer. Such a computer program may bestored in a computer readable storage medium, including, but is notlimited to, any type of disk including floppy disks, optical disks,CD-ROMs, and magnetic disks, read-only memories (ROMs), random accessmemories (RAMs), EPROMs, EEPROMs, magnetic or optical cards, flashmemories including USB keys with non-volatile memory or any type ofmedia suitable for storing electronic instructions, each coupled to acomputer system bus.

The specification can take the form of some entirely hardwareimplementations, some entirely software implementations or someimplementations containing both hardware and software elements. In somepreferred implementations, the specification is implemented in software,which includes but is not limited to firmware, resident software,microcode, etc.

Furthermore, the description can take the form of a computer programproduct accessible from a computer-usable or computer-readable mediumproviding program code for use by or in connection with a computer orany instruction execution system. For the purposes of this description,a computer-usable or computer readable medium can be any apparatus thatcan contain, store, communicate, propagate, or transport the program foruse by or in connection with the instruction execution system,apparatus, or device.

A data processing system suitable for storing and/or executing programcode will include at least one processor coupled directly or indirectlyto memory elements through a system bus. The memory elements can includelocal memory employed during actual execution of the program code, bulkstorage, and cache memories which provide temporary storage of at leastsome program code in order to reduce the number of times code must beretrieved from bulk storage during execution.

Input/output or I/O devices (including but not limited to keyboards,displays, pointing devices, etc.) can be coupled to the system eitherdirectly or through intervening I/O controllers.

Network adapters may also be coupled to the system to enable the dataprocessing system to become coupled to other data processing systems orremote printers or storage devices through intervening private or publicnetworks. Modems, cable modem and Ethernet cards are just a few of thecurrently available types of network adapters.

Finally, the algorithms and displays presented herein are not inherentlyrelated to any particular computer or other apparatus. Variousgeneral-purpose systems may be used with programs in accordance with theteachings herein, or it may prove convenient to construct morespecialized apparatus to perform the required method steps. The requiredstructure for a variety of these systems will appear from thedescription below. In addition, the specification is not described withreference to any particular programming language. It will be appreciatedthat a variety of programming languages may be used to implement theteachings of the specification as described herein.

The foregoing description of the implementations of the specificationhas been presented for the purposes of illustration and description. Itis not intended to be exhaustive or to limit the specification to theprecise form disclosed. Many modifications and variations are possiblein light of the above teaching. It is intended that the scope of thedisclosure be limited not by this detailed description, but rather bythe claims of this application. As will be understood by those familiarwith the art, the specification may be embodied in other specific formswithout departing from the spirit or essential characteristics thereof.Likewise, the particular naming and division of the modules, routines,features, attributes, methodologies and other aspects are not mandatoryor significant, and the mechanisms that implement the specification orits features may have different names, divisions and/or formats.Furthermore, as will be apparent to one of ordinary skill in therelevant art, the modules, routines, features, attributes, methodologiesand other aspects of the disclosure can be implemented as software,hardware, firmware or any combination of the three. Also, wherever acomponent, an example of which is a module, of the specification isimplemented as software, the component can be implemented as astandalone program, as part of a larger program, as a plurality ofseparate programs, as a statically or dynamically linked library, as akernel loadable module, as a device driver, and/or in every and anyother way known now or in the future to those of ordinary skill in theart of computer programming. Additionally, the disclosure is in no waylimited to implementation in any specific programming language, or forany specific operating system or environment. Accordingly, thedisclosure is intended to be illustrative, but not limiting, of thescope of the specification, which is set forth in the following claims.

What is claimed is:
 1. A method comprising: receiving, at a firstservice from a second service, a request for approval of datatransmission; receiving, at the first service, user information andinformation associated with a first device; determining whether a userhas previously granted access to the second service to the first serviceusing the first device; determining whether a second device waspreviously granted access to the first service; and responsive todetermining that the user has previously granted access to the secondservice to the first service using the first device and the seconddevice was previously granted access to the first service, sendingapproval to transmit data by the second service to the second device. 2.The method of claim 1, wherein the user device is a mobile phone.
 3. Themethod of claim 1, wherein the user device is a tablet computer.
 4. Themethod of claim 1, wherein the second service is a third party service.5. A method comprising: receiving, at a first service, content forpublishing from a user device, the content including a plurality of dataitems; receiving, at the first service, data associated with theplurality of data items from a second service, the second service havingreceived user authorization to interact with the first service;generating, by the first service, a post including a representation ofthe plurality of data items; receiving, at the first service, aselection of at least one of the plurality of data items; and generatingan action directed to the second service corresponding to the selection.6. The method of claim 5, wherein the content for publishing is receivedfrom the user device.
 7. The method of claim 5, wherein the content forpublishing is received from the second service.
 8. The method of claim5, wherein the second service is a third party service.
 9. A methodcomprising: receiving, at a first service, content for publishingincluding at least one data item; receiving, at the first service, dataassociated with the at least one data item from a second service, thesecond service having authorization to interact with the first service;generating, by the first service, a post including a dynamicrepresentation of the at least one data item; receiving, at the firstservice, an update associated with the at least one data item from thesecond service; and generating, by the first service, an updated postincluding an update to the dynamic representation of the at least onedata item based on the update associated with the at least one data itemfrom the second service.
 10. The method of claim 9, wherein the contentfor publishing is received from the user device.
 11. The method of claim9, wherein the content for publishing is received from the secondservice.
 12. The method of claim 9, wherein the second service is athird party service.
 13. A method comprising: receiving, at a firstservice, an indication that a user interacted with a second service;receiving, at the first service, an input identifying the secondservice; determining, at the first service, whether second service isenrolled with the first service; determining, at the first service, anidentity of the user; determining that the user authorized a particularscope of sharing of data from the first service to the second service;determining, at the first service, what information the user haspermitted sharing with the second service based on the particular scopeof sharing; retrieving the permitted user information from the firstservice; and providing permitted information to the second service. 14.The method of claim 13, further comprising: encrypting the userinformation; and providing encrypted permitted information to the secondservice.
 15. The method of claim 13, wherein the second service is athird party service.
 16. A method comprising: receiving activityinformation associated with a user from a first service, the activityinformation including information related to the user activityassociated with a second service on the first service; receiving dataassociated with the activity information from a second service;aggregating the activity information from the first service and the datafrom the second service at the first service; determining, at the firstservice, associated information related to aggregated activityinformation; and sending the associated information and at least aportion of the aggregated activity information and data from secondservice to the second service for display.
 17. The method of claim 16,wherein sending the associated information for display including sendingthe information to the first service.
 18. The method of claim 16,wherein the second service is a third party service.